Sandwich, Kent.
Keen to hear from Computing and Engineering Graduates
Why Patients Need You
Technology impacts everything we do. Pfizer’s digital and ‘data first’ strategy focuses on implementing impactful and innovative technology solutions across all functions from research to manufacturing. Whether you are digitizing drug discovery and development, identifying solutions, or making our work easier and faster, you will be making a difference to countless lives.
The Global Information Security (GIS) organization secures Pfizer’s most important information assets through world class talent, top security controls and an empowered culture that serves to enable Pfizer’s mission of delivering breakthroughs that change patients’ lives.
What You Will Achieve
The Cyber Threat Intelligence team is responsible for reducing risk to Pfizer from cyber threats by understanding adversary tactics, techniques and procedures with a focus on deriving, curating and disseminating intelligence to key stakeholders, including additional focus on effectively building proactive countermeasures to detect and prevent malicious activity.
The incumbent will be a member of the Cyber Threat Intelligence team responsible for researching, understanding and tracking various cyber threats with a focus on motives supporting espionage and financial computer network operations. A successful incumbent will be effective at deriving and analyzing cyber threat intelligence that will enable our stakeholders to successfully reduce risk to Pfizer. The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Cyber Threat Intelligence Manager within the Pfizer Digital Global Information Security organization.
How You Will Achieve It
-
Acquiring and maintaining knowledge of the cyber threat landscape from open source and privately produced intelligence reports to include advanced threat actors, techniques, capabilities and targets relevant to industry.
-
Performing technical indicator of compromise (IOC) analysis of cyber threats through in-depth pivoting using internally developed and external tools and services.
-
Conducting in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.
-
Development of strategic, tactical and operational intelligence reports for stakeholder dissemination.
-
Participate in team projects centered around the cyber threat intelligence mission.
-
Present knowledge and intelligence related to cyber threats at both a technical and management level to help shape both tactical and strategic priorities.
-
Generate tactical detections and mitigations to support the identification of cyber threats.
-
Participating in the execution of intelligence-based incident response processes.
-
Perform extensive OSINT analysis to support daily team intelligence requirements.
-
Interface with external sharing communities through the sharing of timely and relevant cyber threats.
Qualifications
Must-Have
-
Bachelor’s Degree in Information Security, Computer Sciences, Information Systems, Engineering, Sciences or related field.
-
Entry level experience with techniques of Computer Network Exploitation and Defense (CNE / CND).
-
Familiarity with frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.
-
Familiarity with common security controls including firewalls, proxies, IDS/IPS, SIEM, Netflow, Advanced Threat Detection products, etc.
-
Familiarity with TCP/IP, common networking ports and protocols (HTTP, DNS, etc), traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
-
Familiarity with Indicator of Compromise (IOC) pivoting techniques across different platforms and datasets.
-
Entry level experience in information analysis and the intelligence analysis cycle.
-
Ability to provide concise and accurate communications (both verbal and written).
-
Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts.
-
Demonstrated commitment to training, self-study and maintaining proficiency in the cyber threat intelligence domain.
Nice-to-Have
-
Entry level experience in Incident Response / Security Operations / Threat Intelligence functions using a wide variety of security tools for monitoring a large-scale enterprise environment.
-
Experience in developing yara rules to aid in the proactive identification of adversary capabilities using various open and closed source platforms.
-
Entry level experience performing malware analysis to identify functionality of adversary tools and capabilities.
-
Ability to program in Python.
-
Entry level experience using structured analytic techniques and identifying biases.
-
Incident response experience to include analysis of forensic artifacts on Windows based operating systems.
-
Experience performing data analysis using Splunk and the creation of advanced queries, alerts, and reports.
-
Understands attack signatures, tactics, techniques and procedures associated with advanced threats and the ability to develop relevant alerting and countermeasures.
-
Information Security related certifications such as Security+, GCIA, GCIH, GCTI, GREM or similar
Purpose
Breakthroughs that change patients’ lives… At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.